1. Field of Invention
The present invention relates generally to mass digital data storage systems. More particularly, the present invention relates to systems and methods for enabling a key, which substantially controls access to the contents of a memory card, to be stored separately from the memory card.
2. Description of the Related Art
The use of non-volatile memory systems such as flash memory storage systems is increasing due to the compact physical size of such memory systems, and the ability for non-volatile memory to be repetitively reprogrammed. The compact physical size of flash memory storage systems facilitates the use of such storage systems in devices which are becoming increasingly prevalent. Devices which use flash memory storage systems include, but are not limited to, digital cameras, digital camcorders, digital music players, handheld personal computers, and global positioning devices. The ability to repetitively reprogram non-volatile memory included in flash memory storage systems enables flash memory storage systems to be used and reused.
A flash memory storage system or non-volatile memory device such as a flash card is often interfaced with a host system such as a personal computer. Referring initially to FIG. 1, a general host system that includes a non-volatile memory device will be described. A host or computer system 100 generally includes a system bus 104 which allows a microprocessor 108, a random access memory (RAM) 112, and input/output circuits 116 to communicate. It should be appreciated that host system 100 may generally include other components, e.g., display devices and networking device, which are not shown for purposes of illustration.
In general, host system 100 may be capable of capturing information including, but not limited to, still image information, audio information, and video image information. Such information may be captured in real-time, and may be transmitted to host system 100 in a wireless manner. While host system 100 may be substantially any system, host system 100 is typically a system such as a digital camera, a video camera, a cellular communications device, an audio player, or a video player. It should be appreciated, however, that host system 100 may generally be substantially any system which stores data or information, and retrieves data or information.
Host system 100 may also be a system which either only captures data, or only retrieves data. That is, host system 100 may be a dedicated system which stores data, or host system 100 may be a dedicated system which reads data. By way of example, host system 100 may be a memory writer which is arranged only to write or store data. Alternatively, host system 100 may be a device such as an MP3 player which is typically arranged to read or retrieve data, and not to capture data.
A non-volatile memory device 120 is generally a removable non-volatile memory device that interfaces with bus 104 to store information. Typically, non-volatile memory device 120 communicates with bus 104 through an interface 130. Interface 130 may serve to reduce loading on bus 104, as will be understood by those skilled in the art. Interface 130 may generally be a reader or an adaptor.
Non-volatile memory device 120 includes non-volatile memory 124 and a memory control system 128. Non-volatile memory device 120 may be implemented on a single chip or a die. Alternatively, non-volatile memory device 120 may be implemented on a multi-chip module, or on multiple discrete components which may be used together as non-volatile memory device 120.
Non-volatile memory 124, or core, is arranged to store data such that data may be accessed and read as needed. Data stored in non-volatile memory 124 may also be erased as appropriate, although it should be understood that some data in non-volatile memory 124 may not be erased. The processes of storing data, reading data, and erasing data are generally controlled by memory control system 128. Memory control system 128 may manage the operation of non-volatile memory 124.
While non-volatile memory device 120 has generally been described as including a memory control system 128, i.e., a memory controller, it should be understood that not all non-volatile memory devices include a controller. In general, non-volatile memory devices may include, but not limited to, PC cards, Compact Flash cards, Multi Media cards, Secure Digital cards, Smart Media cards, and Memory Stick cards.
Typically, in order to protect the contents of non-volatile memory device 120, e.g., from an individual who may wish to access information stored in non-volatile memory 124 to which he is not entitled, keys or passwords are often implemented with respect to either or both non-volatile memory device 120 and software (not shown) that runs on host 100 to allow access to non-volatile memory 124. FIG. 2 is a diagrammatic representation of a host computer system, an interface, and a memory device with protected contents. A computer system 202 generally communicates with a memory card 220 through a reader 230 or an interface. Reader 230 typically serves as an interface between computer system 202 and memory card 220 to enable computer system 202 to store data in a memory 224 of memory card 220 and to retrieve data from memory 224. That is, when computer system 202 communicates with memory card 220 to transfer data between computer system 202 and memory card 220, the communications take place through reader 230. Reader 230 may include a port or a receptacle (not shown) which enables memory card 220 to communicably interface with reader 230 such that reader 230 may enable communications to be made between memory card 220 and computer system 202.
Memory card 220 includes both memory 224 and a controller 228. Memory 224 may include storage elements, blocks, or cells which store bits of information. Controller 228 interfaces with memory 224 to facilitate the storage of and retrieval of data from memory 224. Reader 230, which, for example, may be a Universal Serial Bus (USB) reader or a personal computer (PC) card reader, includes reader firmware 232 which allows reader 230 to run instructions associated with the operation of reader 230.
Memory 224 is arranged to store a key 240 which is used to access or, if appropriate, decrypt contents stored in memory 224. A user which wishes to access the contents of memory 224 may run software 242 on computer system 202 which allows the user to enter a password. Key 240 is then accessed, and when the entered password is consistent with key 240, access to the contents of memory 224 is granted. In some cases, the contents of memory 224 are then decrypted using key 240. Alternatively, a key 250 may optionally be stored in software 242 such that when key 250 is determined to substantially match key 240, or is otherwise determined to be appropriate for use in accessing the contents of memory 224, access to the contents of memory 224 is granted. Typically, the contents of memory 224 are decrypted using key 240 or key 250, as appropriate.
With reference to FIG. 3, the steps associated with accessing a memory card that is effectively password protected will be described. A process 300 of accessing memory contained in a memory card begins at step 304 in which a memory card is placed in a reader that is connected to a computer. Then, in step 308, software on the computer which allows the computer to access the memory card through the reader is executed. Typically, a password is entered into the software in step 312. A determination is made in step 316 regarding whether the entered password is valid, i.e., whether the entered password is consistent with or allows access to a key associated with contents of the memory card.
If it is determined in step 316 that the password is valid, then process flow proceeds to step 324 in which access to the memory of the memory card and, hence, the contents of the memory, is allowed. Once access is allowed, the process of accessing the memory is completed. Alternatively, if it is determined in step 316 that the password is not valid, then the indication is that access to the memory in the card is not allowed. As such, a determination is made in step 320 as to whether the attempt to access the memory card is to be aborted. If it is determined that the attempt is not to be aborted, then process flow returns to step 312 in which a password is entered. If it is determined that the attempt is to be aborted, then the process of access the memory is effectively terminated.
FIG. 4 is a process flow diagram which illustrates the steps associated with accessing a memory card by matching keys. A process 400 of accessing memory begins at step 404 in which a memory card is placed in a reader that is in communication with a computer. Once the memory card is placed in the reader, software is executed on the computer to attempt to access the memory card in step 408. In step 412, the key that is stored on the computer, e.g., in the software, is located or otherwise accessed. After the key that is stored on the computer is located, the key that is stored in the memory of the memory card is located in step 416. The keys are then compared in step 420 in order to ascertain whether the keys match. If it is determined that the keys match, then access to the contents of the memory of the memory card is effectively allowed in step 424, and the process of accessing memory is completed. Alternatively, if it is determined that the keys do not match in step 420, the indication is that access to the memory is denied, and an error message is generated in step 428. Once the error message is generated, the process of accessing memory is effectively completed.
Protecting the contents of a memory card by requiring a valid password or a matching key is generally effective in preventing unauthorized individuals from accessing the contents. However, unauthorized individuals, e.g., “hackers,” may obtain access to the key stored on the memory card and, hence, gain access to the contents of the memory card. Such individuals may also steal or otherwise obtain access to a key stored in software or hardware on a computer. In other words, keys or password information stored on either a memory card or a computer may obtained by an unauthorized individual if the individual is diligent enough to hack into the memory card or the computer.
Therefore, what is desired is a system which enables contents of a memory card to be protected such that a key which effectively enables access to the contents is not likely to be successfully obtained by an unauthorized individual. Specifically, what is needed is a system and a method which allows a password or a key which essentially protects the contents of a memory card to be stored in a reader, and not in a memory card.